Need Help With Script | Encryption
-
Hello
I tried to make config of some site but i failed because i could not send Script properly.
Site uses script which changes inputted password in password box once i click on login button and sends new changed password in POST Request.
In browser i used this login credentialsuser123:password123
But in post request it appears like this
user123:33de3524dbae4574
it's not base 64 encode.
-
@sabbirgf2 said in Need Help With Script | Encryption:
Site uses script which changes inputted password
if you know that the site uses a script to change the password? why dont you check out the script to see how your password got encrypted or post the script here if you do not understand it i can take a look at it but im no expert.
-
@Itamai idk but it might help
Secure Protocol: Tls12 Cipher: Aes256 256bits Hash Algorithm: Sha384 ?bits Key Exchange: ECDHE_RSA (0xae06) 256bits
[Serial Number] 3C0CE171C87CACAC [Not Before] 15-Jul-19 3:47:23 PM [Not After] 12-Aug-21 8:01:24 PM [Thumbprint] 897A4977428C364081233D22747296FF6332A453
-
@sabbirgf2 sry thats not helping. check the javascripts which are loaded you should find the encryption method there
-
@Itamai said in Need Help With Script | Encryption:
@sabbirgf2 sry thats not helping. check the javascripts which are loaded you should find the encryption method there
@Itamai, I Posted the Script here, instead to open a new Question, asking how I can replicate the Code area selected using Function Block or doing a LoliScript implementation of course I don't understand how the Select area work
. Sorry @sabbirgf2 to Posted my request on yours, if I need to remove it and open my own let me know
I can't post the whole source on a single piece too big if more info is needed please let me know
var HASH_FUNCTIONS={COLP_HASH:function(a){var h=Cryptography.base64EncodeWordArray(Cryptography.hash("MD5",Cryptography.stringToUtf8WordArray(a.getPassword()),null,1)),h=Cryptography.stringToUtf8WordArray(a.getSalt().concat(h));a.setPasswordHash(Cryptography.hash("MD5",h,null,1))},DISTRIBUTED_HASH:function(a){var h=Cryptography.stringToUtf8WordArray(a.getSalt()+a.getPassword()),h=Cryptography.hash("SHA256",h,null,a.iterations);a.setPasswordHash(h);a=a.getNewSalt()==a.getSalt()?h:Cryptography.hash("SHA256", Cryptography.stringToUtf8WordArray(a.getNewSalt()+a.getPassword()),null,a.iterations);$("#newPasswordHash").data("hash",a)},NSL_HASH:function(a){var h=Cryptography.base64DecodeWordArray(decodeURIComponent(a.getSalt())),l=Cryptography.stringToUtf8WordArray(a.getGuid()),f=Cryptography.stringToUtf8WordArray(a.getPassword());a.setPasswordHash(Cryptography.hash("SHA512",h.concat(l).concat(f),null,20002))},SYM_ACCOUNT_HASH:function(a){var h=Cryptography.hash("SHA1",Cryptography.stringToUtf8WordArray(a.getPassword()), null,1);a.setPasswordHash("{SHA}"+Cryptography.base64EncodeWordArray(h))},SSHA_HASH:function(a){var h=Cryptography.base64DecodeWordArray(decodeURIComponent(a.getSalt())),l=Cryptography.hash("SHA1",Cryptography.stringToUtf8WordArray(a.getPassword()).concat(h),null,1);a.setPasswordHash("{SSHA}"+Cryptography.base64EncodeWordArray(l.concat(h)))}}; function obfuscateFields(a){for(var h=a.data("obfuscatedFieldIds")||[],l=a.data("obfuscationKey"),f=0;f<h.length;f++){var d=$("#"+h[f]);if(0!=d.length){var c=d.data("hash")||d.val();"undefined"!=typeof c&&null!=c&&0!=c.length&&(c=c.constructor==String?Cryptography.stringToCodePointsByteArray(c):Cryptography.wordArrayToByteArray(c),c=Cryptography.obfuscateByteArray(c,l),d.removeAttr("name"),d=a.find("input[type='hidden'][name='"+h[f]+"']"),0==d.length?a.append("<input type='hidden' name='"+h[f]+"' value='"+ c+"' />"):d.val(c))}}}
-
Could be LM or MySQL < version 4.1
-
@Br4uN Try to make php for encryption then use it as api for encryption.
That's what i do!